The latest articles on DEV Community by Fabián BCH. (@fabianbch). https://dev.to/fabianbch https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F1202403%2F9a073e31-18d3-4edf-9a25-cf4c81d47c7c.png https://dev.to/fabianbch en Fabián BCH. Wed, 18 Feb 2026 16:57:08 +0000 https://dev.to/fabianbch/identification-of-cyber-threats-using-big-data-architectures-1gja https://dev.to/fabianbch/identification-of-cyber-threats-using-big-data-architectures-1gja <p>The massive use of Information and Communication Technologies has led to the interdependence of society with respect to them; added to the absence of efficient and effective controls at a general level, increases the exposure to cyberattacks or threats, to vulnerabilities in the information assets of organizations.</p> <p>In this context, this article proposes a data analysis architecture using Big Data tools and security events or logs to improve event identification, integration, and correlation. The research methodology employed was exploratory and descriptive.</p> <p>The proposed solution was developed using the Big Data processing phases proposed by Labrinidis and Jagadish, which enable the identification of cyber threats. The designed technological architecture was based on the integration of the Elastic Stack and its main components (Elasticsearch, Logstash, Kibana), and technologies such as Filebeat and Wazuh Security Detection (NIPS/HIDS), managing security across information assets such as communications equipment, data and application servers, database engines, and end-user terminals.</p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fufjgpa8wpk6ohrdy1c3y.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fufjgpa8wpk6ohrdy1c3y.png" alt=" " width="800" height="357"></a></p> <p>Its implementation would allow for real-time and historical monitoring of an agile and effective response to security alerts and status reports in the event of incidents.</p> <p>Although some time has passed, I am sharing with you an abstract of my Master's Thesis (TFM) condensed into an academic paper, published in November 2021 along with professors from the Universidad Tecnológica ECOTEC, proposing a model for identifying threats by applying Big Data architectures.</p> <p>INNOVA Research Journal, Universidad Internacional del Ecuador<br> November 2021, Published scientific article.</p> <p><a href="https://orcid.org/0000-0002-7994-3890" rel="noopener noreferrer">https://orcid.org/0000-0002-7994-3890</a></p> <p><a href="https://revistas.uide.edu.ec/index.php/innova/article/view/1860" rel="noopener noreferrer">https://revistas.uide.edu.ec/index.php/innova/article/view/1860</a></p> <p><a href="https://www.researchgate.net/publication/356545358_Identificacion_de_amenazas_informaticas_aplicando_arquitecturas_de_Big_Data" rel="noopener noreferrer">https://www.researchgate.net/publication/356545358_Identificacion_de_amenazas_informaticas_aplicando_arquitecturas_de_Big_Data</a></p> <p><a href="https://www.gworks-ec.com" rel="noopener noreferrer">https://www.gworks-ec.com</a></p> bigdata cybersecurity siem soc Fabián BCH. Thu, 12 Feb 2026 18:56:54 +0000 https://dev.to/fabianbch/vulnerability-management-strategy-ml1 https://dev.to/fabianbch/vulnerability-management-strategy-ml1 <p>Vulnerability management and its respective mitigation are critical aspects in the security of companies, since they allow mitigating the risks to which assets are exposed. To learn about the importance and possible approaches to improve enterprise security posture (SPM), some key criteria are outlined.</p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fj7q128k4v81o7cr11k6i.jpeg" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fj7q128k4v81o7cr11k6i.jpeg" alt=" " width="613" height="361"></a></p> <p><strong>- Regulatory and/or regulatory compliance:</strong></p> <p>Organizations, by their nature, must comply with security regulations and vulnerability management, in this sense it is important to comply with regulations or standards such as GDPR (EU), HIPAA, SOX or ISO 27001:2023 and its Annex A, among others.</p> <p><strong>- Recurring security assessments:</strong></p> <p>It is advisable to execute continuous security assessments and tests, such as penetration tests, adversary emulation and vulnerability scans, allowing the identification of security gaps in the organization.</p> <p><strong>- Assets protection:</strong></p> <p>Vulnerability management helps safeguard confidential data, as well as the organization's critical assets, allowing us to mitigate possible risks such as loss, theft or exfiltration of information.</p> <p><strong>- Prioritization and categorization of vulnerabilities:</strong></p> <p>As part of vulnerability management, it is necessary to categorize, classify and prioritize security breaches according to their criticality and impact on the organization, allowing security teams to focus their efforts on resolving critical and high-level findings, mainly , but without losing sight of the medium and low level.</p> <p><strong>- Implementation of security patches:</strong></p> <p>Keep technological infrastructure platforms (hardware and software) updated with the latest security patches recommended by different manufacturers, to mitigate at least known vulnerabilities.</p> <p><strong>- Prevention and identification of cyber threats:</strong></p> <p>Identifying vulnerabilities early and proactively reduces the possibility of exploitation of gaps by attackers or adversaries (pentesters).</p> cybersecurity infosec management security Fabián BCH. Mon, 14 Apr 2025 18:58:49 +0000 https://dev.to/fabianbch/-2h88 https://dev.to/fabianbch/-2h88 <div class="ltag__link--embedded"> <div class="crayons-story "> <a href="https://dev.to/cyb3rcloud8888/entendiendo-los-identificadores-arn-y-aida-en-aws-iam-o45" class="crayons-story__hidden-navigation-link">Entendiendo los Identificadores ARN y AIDA en AWS IAM</a> <div class="crayons-story__body crayons-story__body-full_post"> <div class="crayons-story__top"> <div class="crayons-story__meta"> <div class="crayons-story__author-pic"> <a href="/cyb3rcloud8888" class="crayons-avatar crayons-avatar--l "> <img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F1236349%2F60e8f978-f2a6-4a2f-abdc-73cb29164d45.jpg" alt="cyb3rcloud8888 profile" class="crayons-avatar__image"> </a> </div> <div> <div> <a href="/cyb3rcloud8888" class="crayons-story__secondary fw-medium m:hidden"> Willie Reyes </a> <div class="profile-preview-card relative mb-4 s:mb-0 fw-medium hidden m:inline-block"> Willie Reyes <div id="story-author-preview-content-2115914" class="profile-preview-card__content crayons-dropdown branded-7 p-4 pt-0"> <div class="gap-4 grid"> <div class="-mt-4"> <a href="/cyb3rcloud8888" class="flex"> <span class="crayons-avatar crayons-avatar--xl mr-2 shrink-0"> <img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F1236349%2F60e8f978-f2a6-4a2f-abdc-73cb29164d45.jpg" class="crayons-avatar__image" alt=""> </span> <span class="crayons-link crayons-subtitle-2 mt-5">Willie Reyes</span> </a> </div> <div class="print-hidden"> Follow </div> <div class="author-preview-metadata-container"></div> </div> </div> </div> </div> <a href="https://dev.to/cyb3rcloud8888/entendiendo-los-identificadores-arn-y-aida-en-aws-iam-o45" class="crayons-story__tertiary fs-xs"><time>Nov 21 '24</time><span class="time-ago-indicator-initial-placeholder"></span></a> </div> </div> </div> <div class="crayons-story__indention"> <h2 class="crayons-story__title crayons-story__title-full_post"> <a href="https://dev.to/cyb3rcloud8888/entendiendo-los-identificadores-arn-y-aida-en-aws-iam-o45" id="article-link-2115914"> Entendiendo los Identificadores ARN y AIDA en AWS IAM </a> </h2> <div class="crayons-story__tags"> <a class="crayons-tag crayons-tag--monochrome " href="/t/aws"><span class="crayons-tag__prefix">#</span>aws</a> <a class="crayons-tag crayons-tag--monochrome " href="/t/cloudcomputing"><span class="crayons-tag__prefix">#</span>cloudcomputing</a> <a class="crayons-tag crayons-tag--monochrome " href="/t/cloudsecurity"><span class="crayons-tag__prefix">#</span>cloudsecurity</a> </div> <div class="crayons-story__bottom"> <div class="crayons-story__details"> <a href="https://dev.to/cyb3rcloud8888/entendiendo-los-identificadores-arn-y-aida-en-aws-iam-o45#comments" class="crayons-btn crayons-btn--s crayons-btn--ghost crayons-btn--icon-left flex items-center"> Comments <span class="hidden s:inline">Add Comment</span> </a> </div> <div class="crayons-story__save"> <small class="crayons-story__tertiary fs-xs mr-2"> 2 min read </small> <span class="bm-initial"> </span> <span class="bm-success"> </span> </div> </div> </div> </div> </div> </div> aws cloudcomputing cloudsecurity